Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/OvxewYwBl9Z-DZgGUrohkYVt4Ho.roa
File: OvxewYwBl9Z-DZgGUrohkYVt4Ho.roa (raw, json)
Hash identifier: swcqXyxMExm2CUnASOGNSGNoOZXpHt3pI6sRtQ1zz3E=
Subject key identifier: 3A:FC:5E:C1:8C:01:97:D6:7E:0D:98:06:52:BA:21:91:85:6D:E0:7A
Certificate issuer: /CN=fa9b89f367d4fb950287701f62d4a039b7f6cb20
Certificate serial: 01856F670D8E10678B4AF6F24557F06B179C
Authority key identifier: FA:9B:89:F3:67:D4:FB:95:02:87:70:1F:62:D4:A0:39:B7:F6:CB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-puJ82fU-5UCh3AfYtSgObf2yyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/OvxewYwBl9Z-DZgGUrohkYVt4Ho.roa
Signing time: Sun 01 Jan 2023 22:15:02 +0000
ROA not before: Sun 01 Jan 2023 22:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198717
IP address blocks: 37.233.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:0d:8e:10:67:8b:4a:f6:f2:45:57:f0:6b:17:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa9b89f367d4fb950287701f62d4a039b7f6cb20
Validity
Not Before: Jan 1 22:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3afc5ec18c0197d67e0d980652ba2191856de07a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f2:02:76:7d:c8:f9:71:96:f1:2b:36:d3:11:
39:d5:4e:f9:8e:2f:2e:80:c5:cd:34:06:98:0b:ef:
f6:f0:54:62:7e:9a:6a:10:4a:7f:04:ed:be:11:6a:
08:61:e9:29:ce:9d:d4:e8:cf:7e:fb:cd:a3:60:32:
d7:ad:6a:3d:17:ba:97:e6:87:83:68:02:eb:83:31:
27:ba:1d:84:58:1a:2f:07:17:04:ab:fe:26:fe:3f:
11:5a:08:fc:17:50:3f:80:05:4b:55:58:df:2d:d9:
8f:bc:94:32:7f:4c:3e:ac:ec:7f:c1:13:77:34:e8:
fc:45:24:4f:e7:c7:03:05:07:a7:d1:00:86:b1:5c:
ba:78:91:a6:14:50:d0:3f:ee:f5:a5:3f:45:c3:e6:
8d:0e:53:d8:32:e5:da:25:4a:20:e4:f1:49:45:6a:
9c:6f:04:f1:41:11:39:45:c4:0f:e9:13:49:2a:ca:
00:29:e7:2f:b6:2a:7f:a0:d1:af:f5:24:e1:0c:e3:
3a:66:9a:60:3b:ab:9a:bd:b2:fd:11:fd:b2:77:97:
13:d9:15:9c:51:73:55:0b:38:65:6d:4f:b8:74:41:
ec:cb:49:0b:dc:8c:40:99:30:7e:83:c4:b5:97:77:
ca:c6:a4:a3:55:da:bb:14:91:b8:6b:d2:b4:ed:7d:
ad:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FC:5E:C1:8C:01:97:D6:7E:0D:98:06:52:BA:21:91:85:6D:E0:7A
X509v3 Authority Key Identifier:
keyid:FA:9B:89:F3:67:D4:FB:95:02:87:70:1F:62:D4:A0:39:B7:F6:CB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-puJ82fU-5UCh3AfYtSgObf2yyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/OvxewYwBl9Z-DZgGUrohkYVt4Ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/1-puJ82fU-5UCh3AfYtSgObf2yyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.233.96.0/20
Signature Algorithm: sha256WithRSAEncryption
81:a8:e7:5a:2f:34:e0:f8:ce:40:89:02:87:8a:a0:a8:24:71:
72:cc:53:68:b8:90:ae:fd:d3:00:47:5c:85:58:9f:0b:0d:5d:
43:c2:d4:cc:22:81:85:0f:9f:72:2d:06:c3:d0:55:e6:24:85:
75:34:a3:e2:f4:2d:dc:c5:75:4a:88:aa:18:65:ec:be:2a:8a:
60:ef:a5:93:87:54:e6:6c:2d:90:7e:48:12:eb:5b:27:c0:b4:
f3:ea:01:c5:88:ee:8d:57:b3:ff:df:51:d2:3e:d8:44:41:0e:
e3:53:43:0a:70:ad:70:f6:d3:a6:99:1c:c9:2a:e7:6a:cd:a6:
14:38:e9:5f:67:a9:bc:2d:16:fb:be:4d:b5:10:22:5e:39:b4:
36:ea:32:a9:e2:be:9d:26:49:71:46:2e:ee:29:f5:7a:5c:38:
fc:b7:26:27:94:24:29:fc:dc:97:84:94:0a:76:f0:e5:46:68:
66:93:e9:5c:4c:69:89:ee:44:93:ec:7d:55:ee:d1:c0:6e:39:
74:a7:bb:fa:0c:9b:8a:23:6b:55:66:cd:e4:16:77:91:b0:cb:
ed:2c:23:9c:93:1a:10:9f:df:fa:d1:13:85:7c:ad:1a:4b:16:
6b:90:c9:a0:2c:70:6b:a4:15:86:99:59:70:55:27:6c:3e:4e:
4c:91:54:5b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvZw2OEGeLSvbyRVfwaxecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhOWI4OWYzNjdkNGZiOTUwMjg3NzAxZjYyZDRhMDM5Yjdm
NmNiMjAwHhcNMjMwMTAxMjIxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWZjNWVjMThjMDE5N2Q2N2UwZDk4MDY1MmJhMjE5MTg1NmRlMDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvICdn3I+XGW8Ss20xE51U75ji8u
gMXNNAaYC+/28FRifppqEEp/BO2+EWoIYekpzp3U6M9++82jYDLXrWo9F7qX5oeD
aALrgzEnuh2EWBovBxcEq/4m/j8RWgj8F1A/gAVLVVjfLdmPvJQyf0w+rOx/wRN3
NOj8RSRP58cDBQen0QCGsVy6eJGmFFDQP+71pT9Fw+aNDlPYMuXaJUog5PFJRWqc
bwTxQRE5RcQP6RNJKsoAKecvtip/oNGv9SThDOM6ZppgO6uavbL9Ef2yd5cT2RWc
UXNVCzhlbU+4dEHsy0kL3IxAmTB+g8S1l3fKxqSjVdq7FJG4a9K07X2tTwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDr8XsGMAZfWfg2YBlK6IZGFbeB6MB8GA1UdIwQY
MBaAFPqbifNn1PuVAodwH2LUoDm39ssgMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1wdUo4MmZVLTVVQ2gzQWZZdFNnT2JmMnl5QS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvOTg5MzNhLTc1ODEtNDk3OS05MTIx
LTBlMWE2OGM3NTYzYi8xL092eGV3WXdCbDlaLURaZ0dVcm9oa1lWdDRIby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvOTg5MzNhLTc1ODEtNDk3OS05MTIxLTBlMWE2OGM3NTYz
Yi8xLzEtcHVKODJmVS01VUNoM0FmWXRTZ09iZjJ5eUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQl6WAw
DQYJKoZIhvcNAQELBQADggEBAIGo51ovNOD4zkCJAoeKoKgkcXLMU2i4kK790wBH
XIVYnwsNXUPC1MwigYUPn3ItBsPQVeYkhXU0o+L0LdzFdUqIqhhl7L4qimDvpZOH
VOZsLZB+SBLrWyfAtPPqAcWI7o1Xs//fUdI+2ERBDuNTQwpwrXD206aZHMkq52rN
phQ46V9nqbwtFvu+TbUQIl45tDbqMqnivp0mSXFGLu4p9XpcOPy3JieUJCn83JeE
lAp28OVGaGaT6VxMaYnuRJPsfVXu0cBuOXSnu/oMm4oja1VmzeQWd5Gwy+0sI5yT
GhCf3/rRE4V8rRpLFmuQyaAscGukFYaZWXBVJ2w+TkyRVFs=
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:50:28 2025 by rpki-client